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SECURE TRANSACTION 
MANAGEMENT AND 
ELECTRONIC RIGHTS 
PROTECTION 

Assistant Commissioner for Patents 
Washington, DC 20231 

Sir: 

PRELIMINARY AMENDMENT 

Prior to the examination of the above application, please amend this application 

as follows: 

IN THE SPECIFICATION: 


Please amend the specification by inserting on page 1 , prior to the "Field of the 
Invention," the following paragraph: 

This application is a continuation of application Serial No. 09/342,899, filed June 
29, 1999, which is a continuation of application Serial No. 08/780,545, filed January 8, 
1997 (now U.S. Patent No. 5,917,912), which is a divisional of application Serial No. 
08/388,107, filed February 13, 1995 (now abandoned), all of which are incorporated 
herein by reference. 
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IN THE CLAIMS: 

Please cancel claims 1-90 and add new claims 91-128 as follows: 

91 . A load module comprising: 

a load module header including a public portion and a private portion; 

said public portion including identification information and information 
describing at least one aspect of a hardware or software platform on which said load 
module is designed to execute; 

said private portion including at least one correlation tag including 
information used to determine whether a method has authorization to call or load the 
load module; and 

a load module body, including: 

executable programming specifying that information relating to a use of 
the load module be communicated to a remote site; and 

a reference to data, at least some of said data being associated with or 
used by said executable programming. 

92. The load module of Claim 91 , in which said at least one aspect includes 
the level or degree of security present or available on such platform. 

93. The load module of Claim 91 , in which said at least one aspect includes 
the type of computer. 

94. The load module of Claim 91 , in which said at least one aspect includes 
the type of software running on such platform. 

95. The load module of Claim 91 , in which said at least one aspect includes 
one or more computer languages recognized by said platform. 

96. An operating system comprising: 


-2- 


LAW OFFICES 

inegan, Henderson, 
: arabgw, Garrett 
s dunner.l.l.p. 

NFORD RESEARCH PARK 

700 HANSEN WAY 
\LO ALTO, CALIF. 94304 
65O-8-49-66O0 


component assembling programming which assembles a plurality of elements into a 
component, said component assembling programming including; 

(a) validation programming used to validate said elements, said validation 
programming including: 

(1 ) tag checking programming used to check the identity, validity or 
integrity of elements by comparing tags incorporated in said elements to expected 
values; and 

(2) element identification and referencing programming; and 

(b) communications programming used to communicate at least one result of 
said tag comparison to a remote site; and 

an object switch which controls and communicates objects, said object switch including: 
one or more stream interfaces; and 
a container manager used to manage secure containers. 

97. The operating system of Claim 96, in which: 

said operating system is designed to operate correctly with applications programs 
written to run on one or more versions of the Microsoft Windows operating system. 

98. The operating system of Claim 96, in which: 
said operating system runs in a processing environment; and 

said operating system includes at least one added component delivered at some point 
after the initial installation of said operating system at said processing environment. 

99. The operating system of Claim 98, in which: 

said added component provides scalability to said operating system. 
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1 00. The operating system of Claim 98, in which: 

said added component comprises a component assembly made up of a plurality of 
elements. 

1 01 . The operating system of Claim 96, said operating system further 
comprising: 

channel definition programming which sets up and initializes channels in which 
component assemblies are assembled. 

1 02. The operating system of Claim 96, in which: 

said component assembling program includes programming which checks said 
components for information regarding the manner in which said components are 
designed to be assembled into a component assembly, 

said programming requiring that said components only be assembled in the manner 
specified by said information. 

1 03. The operating system of Claim 96, in which: 

said tag checking programming includes comparison programming which compares the 
contents of the public tag associated with an element with the contents of a private tag 
associated with that element. 

104. The operating system of Claim 103, in which: 

said comparison programming includes programming which decrypts said private tag 
prior to said comparison. 

105. The operating system of Claim 96, in which: 

said tag checking programming includes comparison programming which compares the 
contents of a tag associated with an element with the contents of a tag associated with 
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a process requesting said element. 

106. The operating system of Claim 105, in which: 

said comparison programming includes programming which decrypts said tag 
associated with said element prior to said comparison. 

1 07. The operating system of Claim 96, in which: 

said tag checking programming includes comparison programming which 
compares the contents of a tag associated with an element with the contents of a tag 
stored in a secure processing unit; 

said comparison designed to determine whether said tag associated with said 
element is the same as the tag most recently assigned to said element by said secure 
processing unit. 

1 08. The operating system of Claim 96, further comprising: 
e-mail management programming. 

109. The operating system of Claim 108, in which: 

said e-mail management programming includes programming which recognizes and 
controls secure e-mail or secure e-mail attachments. 

1 1 0. The operating system of Claim 1 09, in which: 

said e-mail management programming includes programming which routes secure e- 
mail or secure e-mail attachments to a secure memory location. 

111. The operating system of Claim 96, further comprising: 
an object repository manager. 

112. The operating system of Claim 1 1 1 , in which: 

said object repository manager provides services relating to access to an object 
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repository. 

1 1 3. The operating system of Claim 96, in which: 

said validation programming includes certificate programming which checks digital 
certificates associated with said elements. 

1 14. The operating system of Claim 1 13, in which: 

said certificate programming includes programming which compares an expiration date 
on at least some of said digital certificates with the current date. 

1 1 5. The operating system of Claim 1 13, in which: 

said certificate programming includes programming which extracts one or more keys 
from at least one of said digital certificates and uses said one or more keys to decrypt 
information associated with the digital certificate from which said one or more keys was 
extracted. 

116. The operating system of Claim 96, in which: 

said object switch includes a stream router which includes programming which 
routes streams to and from said stream interfaces. 

1 1 7. The operating system of Claim 96, in which: 

said one or more stream interfaces include at least one real time stream interface. 

118. The operating system of Claim 1 17, in which: 

said real time stream interface includes programming designed to accept and route real 
time data stream information. 

1 1 9. The operating system of Claim 1 01 , in which: 

said channels further serve to pass events to methods and load modules specified to 
process the events. 
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120. The operating system of Claim 96, in which: 

said component assembling programming includes programming which uses a 
blueprint in said component assembly process. 

121. A component assembly comprising: 

a first load module and a second load module, each load module comprising: 
a load module header, made up of a public portion and a private portion; 

said public portion including identification information and information 
describing at least one aspect of a hardware or software platform on which said load 
module is designed to execute; 

said private portion including at least one correlation tag including 
information used to determine whether a method has authorization to call or load the 
load module; and 

a load module body, including: 

executable programming; and 

a reference to data, at least some of said data being associated with or 
used by said executable programming, 

said first load module executable programming including programming requiring 
the storage of audit information relating to use of the component assembly. 

1 22. The component assembly of Claim 1 21 , in which said at least one aspect 
includes the level or degree of security present or available on such platform. 

1 23. The component assembly of Claim 1 21 , in which said at least one aspect 
includes the type of computer. 


124. The component assembly of Claim 121 , in which said at least one aspect 
includes the type of software running on such platform. 

125. The component assembly of Claim 121 , in which said at least one aspect 
includes one or more computer languages recognized by said platform. 

1 26. A component assembly comprising: 

a first load module and a second load module, each load module comprising: 
a load module header, made up of a public portion and a private portion; 
said public portion including identification information; 
said private portion including at least one correlation tag and information 
on the stack size used by or required by said load module, said correlation tag including 
information used to determine whether a method has authorization to call or load the 
load module; and 

a load module body, including: 

executable programming; and 

a reference to data, at least some of said data being associated with or 
used by said executable programming, 

said first load module executable programming including programming requiring 
the storage of information uniquely identifying a device at which said component 
assembly is stored. 

1 27. A component assembly comprising: 

a first load module and a second load module, each load module comprising: 
a load module header, made up of a public portion and a private portion; 
said public portion including identification information; 
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said private portion including at least one correlation tag, and an access 
tag, said access tag being made up of at least two fields, each of which can be 
accessed and used separately and said correlation tag including information used to 
determine whether a method has authorization to call or load the load module; and 
a load module body, including: 

executable programming; and 

a reference to data, at least some of said data being associated with or 
used by said executable programming, 

said first load module executable programming including programming requiring 
communicating a unique identification for a device at which said component assembly is 
stored to a remote location. 

128. A computer processing system comprising: 

a component assembler which assembles a plurality of elements into a 
component assembly, said plurality of elements each including at least one tag, said 
component assembler including a validator that validates each of said plurality of 
elements, said validator including a tag checker that checks at least one of: (a) the 
identity, (b) the validity and (c) the integrity, of said plurality of elements by comparing 
said tags incorporated in said plurality of elements to expected values; and 

an object switch coupled to said component assembler, said object switch 
including: 

(a) a stream router that communicates component assemblies; 

(b) one or more stream interfaces coupled to said stream router; 

(c) a container manager that, in use, manages said component assemblies; and 
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(d) an object switch interface that interfaces said object switch with said 
component assembler; and 

a communications module which communicates a unique identifier of the 
computer processing system or a user of the computer processing system to a remote 
location. 

REMARKS 

This application is a continuation of pending prior U.S. Appln. Ser. No. 
09/342,899 ("the parent application"). In the parent application, the Examiner rejected 
claims 100-137 under 35 U.S.C. § 102(e) as anticipated by either U.S. Patent No. 
5,412,717 or U.S. Patent No. 5,748,960, both to Fischer . In an Amendment After Final 
dated May 24, 2001, Applicants canceled claims 100-137 from the parent application. 

In the current application, Applicants cancel claims 1-90 from the original 
application and submit a Preliminary Amendment adding claims 91-138. Claims 91-138 
in the current application correspond to claims 100-137 in the parent application, with 
amendments. 

To expedite prosecution, Applicants point out for the Examiner that claims 91-95 
are patentable over Fischer 71 7 because Fischer 71 7 does not teach or disclose a 
load module body including "executable programming specifying that information 
relating to a use of the load module be communicated to a remote site," as is recited by 
claim 91. 

Applicants submit that Fischer '960 does not teach or disclose component 
assembling programming including "communications programming used to 
communicate at least one result of said tag comparison to a remote site," as recited by 
claim 96 of the present application. For at least this reason, Applicants respectfully 
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submit that claims 96-120 are patentable over Fischer '960. 

Claims 121-125 recite a load module body with the "first load module executable 
programming requiring the storage of audit information relating to the use of the 
component assembly," which is not taught or disclosed by Fischer '960. For at least this 
reason, Applicants submit these claims should be patentable. 

Additionally, Fischer '960 does not teach or disclose a load module body with a 
"first load module executable programming including programming requiring the storage 
of information uniquely identifying a device at which said component assembly is 
stored," as is recited by claim 126. For at least this reason, Applicants submit that claim 
126 is patentable over Fischer '960. 

Claim 127 is patentable over Fischer '960 because Fischer '960 does not teach 
or disclose a load module body with "said first load executable programming including 
programming requiring communicating a unique identification for a device at which said 
component assembly is stored to a remote location." Applicants submit that, for at least 
this reason, claim 127 should be allowed. 

Fischer '960 also does not teach or disclose an "communications module which 
communicates a unique identifier of the computer processing system or a user of the 
computer processing system to a remote location," as is recited by claim 128. For at 
least this reason, claims 128 should be patentable over Fischer £ 960. 

In summary, Applicants respectfully submit that claims 100-137 are patentable 
over the prior art cited in the prior applications and request that these claims be allowed. 
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If there is any fee due in connection with the filing of this Preliminary 

Amendment, please charge the fee to our Deposit Account No. 06-0916. 

Respectfully submitted, 

FINNEGAN, HENDERSON, FARABOW, 
GARRETT & DUNNER, LLP. 


Dated: May 31, 2001 By:. 



Linda J/Thayerv. 
Reg. No. 45,681 
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